/
Data Model & Security
Interlingo

Data Model

The Customer Lifecycle Status is modeled in a dedicated table to track the current lifecycle stage, historical changes, and related metadata. This structure supports tenant-level customization and full auditability.

Field

Type

Description

id

UUID

Unique identifier (primary key)

customer_id

UUID

Foreign key to customers table

tenant_id

UUID

Foreign key to tenants table

current_stage

ENUM

Current lifecycle stage (custom per tenant)

stage_entered_at

TIMESTAMP

Timestamp when the current stage was entered

updated_by

UUID

ID of user who performed the last update

last_updated

TIMESTAMP

Last update timestamp

reason_code

VARCHAR(255)

Optional system or user-defined reason for transition

is_manual_update

BOOLEAN

Indicates whether the update was user-driven or system-driven

Note: A historical table for lifecycle transitions is also maintained for auditing purposes.

Field

Type

Description

id

UUID

Primary key

customer_id

UUID

Reference to customer

from_stage

ENUM

Previous lifecycle stage

to_stage

ENUM

New lifecycle stage

changed_at

TIMESTAMP

When the transition occurred

changed_by

UUID

User or system ID responsible

reason_code

VARCHAR(255)

Optional transition reason

source

ENUM

'UI', 'API', 'EventListener', etc.

Security & Permissions

Access Control

Role

View Lifecycle

Update Lifecycle

View History

Configure Stages

Customer Viewer

Account Manager

Tenant Admin

Super Admin (Internal)

Permission Checks

Lifecycle operations are secured using JWT-based role verification and tenant-bound access filters.

function hasLifecyclePermission(user, action) {
  return user.roles.includes('ROLE_ACCOUNT_MANAGER') &&
         user.tenant_id === customer.tenant_id;
}

  • Lifecycle updates must validate:

    • User has permission for the customer’s tenant

    • Stage transition is allowed (based on tenant config)

    • Reason (if required) is present

Data Protection

  • Encryption at Rest: AES-256 encryption for lifecycle tables

  • Encryption in Transit: All APIs served via HTTPS only

  • Rate Limiting: API Gateway limits updates to 1000 per user per hour

  • Audit Logging: All lifecycle transitions are written to an immutable audit store

Warning: Lifecycle Status May Trigger Business Processes

Changing a customer's lifecycle stage may automatically trigger business logic such as:

  • Renewal campaign emails

  • Escalation alerts for "At-Risk" customers

  • Churn forecasting updates

Please ensure all updates are intentional and authorized.